Join Scott Morris for an upcoming CCIE Routing and Switching Mock Lab Workshop. Workshops are currently scheduled in central locations such as San Jose CA, Dallas TX, and RTP, NC. Each CCIE Mock Lab Workshop offers the student the chance to be led through Internetwork Expert’s exclusive Mock Labs with personalized feedback from a world renowned instructor.

This is the class that I attended in June and I really loved it. At $3,500 I think that it was probably too expensive for self-financed candidates (my employer reimbursed my costs) but I definitely recommend the class. The $1,995 price point is a great move. This makes it one of the lowest cost live training classes and brings it into competition with Narbik’s boot camp. Hell, for only $500 more than I paid for the workshop, you could do both. 🙂

I would suggest that if you are planning on attending the Mock Lab Workshop to attend it at least 28 days out from your lab (28 days from the end of the workshop). The workshop will give you a good feel for how prepared you are for the lab. If you’re not quite ready, then you can easily change your lab date. If you get the thumbs up from Scott, then you can just as easily move your lab date up quickly as there are generally a number of slots open within 28 days of booking.

If you’ve completed any of the IE Graded Mock Labs, then I would check with IE before booking the class to see which ones (if any – they may have new labs now) of these labs that they will be using for the workshop. I don’t know how long they will continue with the $1,995 price, so you may want to talk to IE about their reseat policy. In my class there were a couple of guys who attended but did not do the labs because they were still early in their studies. They planned to reseat the class at a later time. That might be an option if you want to lock in the lower price.

In other IE related news, IE has decided to nix LockLizard. LockLizard is PDF security software. IE started using it with the beta releases of the new Volume I v5 workbook. In order to open a PDF you needed to have LockLizard installed on your machine (Windows only – no Linux/Mac) and have a license from the publisher. I used it briefly with the betas and it did make reading the PDFs a little sluggish. I think that there were issues with needing to renew the license every couple of weeks and printing/number of computers used as well. LockLizard was implemented to reduce piracy, but the end user experience was bad enough that IE is yanking it:

After reviewing the customer issues with our secure PDF application LockLizard we have decided to switch back to standard PDFs. You will find in the next coming days that the existing products secured using LockLizard available through your members’ site account in standard PDF format.

The idea behind us using LockLizard was to cut down on the amount of piracy our support team has to deal with on a daily basis. BUT if our measures to fight piracy cause our paying customer’s headaches then it’s not a good solution.

We have implemented a few new solutions to deal with piracy and one of them uses steganography to ensure that each user’s PDF is unique in addition to the standard watermarks (email address, IP address, etc). This means that even if a user removes the watermark and reprints or converts the PDF into a new PDF it will still be identifiable by our support team as to who’s account it came from. We had to add some bigger servers for this since the PDFs are generated on the fly. We additionally had a crawler written that goes out and looks for pirated material and then automatically gets the files removed.

Lastly anyone want to buy a $10,000+ secure PDF application. 😉

Brian McGahan discussed this a bit further in the comments section:

From the beginning Brian and I have always struggled with the tradeoff between convenience to the user and protection of our intellectual property. When downloading free software or training or whatever from the Internet it’s easy to just write it off as being from some huge nameless corporation, and let’s be honest, none of it is that hard to find if you look for it. What is also easy to forget though is the amount of time and effort it took the author to produce it. Brian and I have invested literally thousands and thousands of hours of our own lives into developing these products, maintaining them, supporting them, and ensuring that they are the highest quality out there, so sometimes we do take it personally when we see them floating around.

Unfortunately for everybody any type of DRM is always a constant struggle between the numbers of legitimate customers who should be able to access their material that they purchased at their leisure in the most convenient fashion, and those out there that have to ruin it for the rest of us.

Hopefully this new steganographic solution will work out better, because from what we’re seeing of it now it’s very unobtrusive to the user, while nearly impossible to defeat. Unless of course you have memorized the exact output that every single “show” command in IOS is supposed to return

The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city’s virtual private network.The passwords were filed this week as Exhibit A in a court document arguing against a reduction in US$5 million bail in the case of Terry Childs, who is accused of holding the city’s network hostage by refusing to give up administrative networking passwords. Childs was arrested July 12 on charges of computer tampering and is being held in the county jail.

Though they placed the passwords in the public record, city prosecutors do seem to think that they are sensitive.

The passwords, discovered on Childs’ computer, pose an “imminent threat” to the city’s computer network, according to the court filing. Childs could use the names and passwords to “impersonate any of the legitimate users in the City by using their password to gain access to the system,” the motion against the bail reduction states.

Although the DA’s office did not say what the passwords were used for, a source familiar with the situation said that they are for logging into the city’s virtual private network, and that this type of information is something that a network administrator like Childs would be expected to have.

Posting these passwords in public creates a security risk, although the passwords are not enough to give a criminal access to the city’s VPN. The passwords are so-called “phase one” passwords, and must be combined with a second password to access the network, the source said.

I’m not going to pretend to be a security expert, but even if these area only “phase one” passwords, I would think that it would give hackers a nice leg up on their work. Why do I get the feeling that the “phase two” password is just NT authentication? 🙂

Of course, even the most half-assed IT department would have required that all users change their passwords once the whole Terry Childs drama began, so everything should be alright, right? 😉

July 28, 2008

I completed IE’s Volume II lab 3 for the second time yesterday. I’ve started redoing all of the labs in order (I hope to make it through all 20 before my lab date). As I’ve stated before, I was surprised that I don’t memorize labs. It looks like I last did this lab back in December (where has the time gone?) so it shouldn’t be too big of a surprise.

This was a difficulty level 6 lab, so it was pretty straight forward. I did hit a couple of snags, but I was able to get through them because I finally have my head around some of the technologies. As Brian Dennis says, “You never stop making mistakes, you just get better at spotting them.”

The first time through this lab I was nowhere near as strong in BGP and multicast (I’m still not “lab ready” in either technology, but I’m way better than I was). In this lab there were two AS 100. I was having a heck of a time because I could not get the backbone prefixes advertised into one AS 100 to propagate to the other AS 100 (there was a transit AS between them). So I stepped back and thought about it. I could see the prefixes in the peer’s BGP table and I could see that they were being advertised (‘show ip bgp neighbor x.x.x.x adv’) from the peer but not received by my router (“show ip bgp neighbor x.x.x.x route’). My router was installing 3 other prefixes that were originated from a different backbone router. WTF? So I started mentally running through the reasons why my router would not accept those routes. What was it that was different about those 3 prefixes that were installed and the 10 that were not being installed. Voila! Those 10 prefixes were being advertised to the other AS 100 then to the transit AS and then dropping when hitting this AS 100. DOH! A BGP router will not install prefixes that already contain its own AS number. That was the problem. Now I could concentrate on solving this issue rather than wasting time on troubleshooting.

Now you’re probably thinking “big deal” and/or “how does this guy expect to pass the lab?”, but my point is that I was able to solve this issue by knowing the technology. I’m pretty sure that the first time through this lab I did not even notice this issue (you eventually filter those routes, so it becomes a non-issue) nor would I have successfully found the reason. Doing a lab for a second (or third…or forth…) time can help catch problems that you did not see the first time through.

I hit another snag when I got to multicast. Try as I might I could not get one of my routers to recognize the RP. The interface was configured correctly and I was seeing the PIM neighbor. By doing a simple traceroute I was able to see that traffic was routing over a PTP link instead of the Frame Relay link. But I took care of that earlier in the lab by setting the OSPF cost to a high value, right?. Unfortunately, after that task I set the OSPF auto-cost so that all of the other links now had a higher cost. My PTP link was now preferred over my Frame Relay link. I had used a high cost value (6000) but it was not high enough once the other costs were adjusted 😦 Again, I was able to (relatively) quickly find the issue and I understood how and why it was happening (as well as how to fix it). My multicast configuration was correct. The first time through I most likely did not catch this issue because I probably did not verify everything with the degree of anal-retentiveness that I do now. I could have easily overlooked this issue if I did not verify the RP mapping on that router. The problem would not show up in my ping scripts. I would have lost points for at least two sections.

Anyhoo…my point is that you should definitely do labs more than once, especially if it’s been a while since you last did the lab.

July 26, 2008

Most of us do this I think. A candidate gave me some solid advice (I believe he got it from a class): touch every word. Physically poke each word with your finger as you read. It sounds retarded but it forces you to slow down and notice things like they specified the name of the ACL or some other arbitrary crap that would cause you to miss an entire task that you had otherwise done correctly.

I think this technique takes on more importance with tests like the CCIE lab because the people who take it (a little self-fel… ahem, back-patting here) are typically smart enough to skim non-technical things, and in fact get bored if they try to read carefully because most material is too easy. Works great in meetings when it takes a group 10 minutes to agree that the meeting has started (and you’re already three articles into Slashdot on your crackberry), sucks on a technical lab exam.

July 24, 2008

Cisco and Pearson VUE Launch Global Test Delivery Exam Security EnhancementsCisco and its global testing provider, Pearson VUE, a business of Pearson Inc. are pleased to announce a series of security enhancements that will reinforce the integrity and value of its Career certification program.

The advanced security enhancements include the use of digital photographs for candidate-identity verification and forensic analysis of testing data. The new measures, to be implemented beginning on Aug. 1, will include:

Photo on Score Report and Web – On completion of a certification exam at the test center, candidates will receive preliminary score reports imprinted with their photos and unique authentication codes. The authentication code can be used to access a candidate’s official score online at Pearson VUE’s website usually within 72 hours of the examination. The online score report will also display the candidate’s photo. Candidates may share access to their online records with employers or other third parties.

Forensic Analysis – Exam results and other testing data will be continuously analyzed by forensic software to detect aberrant testing behavior and to flag suspect exams for further investigation.

Preliminary Score Report – All paper score reports will be preliminary, pending the results of forensic analysis, until official exam scores are posted to the Web usually within 72 hours of exam completion.Once the exam scores are official, candidates may use the authentication codes on their score reports to access the Pearson VUE website for score and photo verification.

These new exam security measures are part of Cisco’s overall strategy to protect the value and integrity of its certifications. Other measures include simulation-based testing, dynamically generated questionsand emulations to help ensure that Cisco certified networking professionals continue to have the knowledge, skills, and credentials to perform well on the job.

It looks like Cisco is getting more serious about the integrity of its certification testing. Associating a photo with your test result will help to stop proxy test takers (those who sit an exam under a different person’s name). I’m not exactly sure what dynamically generated questions are, but my guess is that this is generating unique questions and answers based on changes in variables in a question. For instance, you might memorize the answer to a CCNA subnetting question by reading a brain dump. You may get the same question on the exam, but the IP address and subnet mask is changed as well as the order of the answers. In that case you would need to actually know how to subnet rather than just know to click 176.18.242.0/18.

During a Cisco certification exam, each keystroke is logged and a record is created that includes the length of the test period, how much time was spent on each question, whether an answer was changed, how much time was spent on the second answer, etc. After the exam is completed, but before the results are processed, each exam session is analyzed by forensic software that analyzes the session against established behaviors and suspect exams are flagged for investigation.

“When you analyze a testing program the size of Cisco’s, you develop an extensive knowledge base of behaviors you expect to see at every level of the examination,” said Trask. “We’ve broken the population down by age, sex, education, country, etc., and we know what to expect in almost every instance. We’ve established norms for behavior for an individual taking an exam for the first time, for taking an exam a second time after failing initially. We know how the distractors should be performing. We’ve amassed a wealth of knowledge for every test question.”

When an exam is flagged, it is investigated by VUE psychologists and security teams. If they determine that there is a problem with the exam, the results are invalidated and the candidate is offered a free chance to retake the test. They are given a different form of the test and have the opportunity to validate that they understood the information and should have passed the test.

Program Data Forensics

Another layer of security examines a wide range of other program attributes to determine what is occurring within the program. “We’re comparing testing center to testing center, and within a center, we are comparing one administrator to another administrator to see if inconsistencies emerge,” Trask said. “We look at things like candidates who live in one country but test in another; we review financial information, credit card information; just a very wide range of information to see patterns and inconsistencies.”

This sounds like the most powerful weapon to combat cheating. I won’t pretend to know the details of a forensic algorithm, but if your zip though five CCNA subnetting questions in a matter of seconds, then it’s pretty obvious that you’re either fluent in binary or you are choosing answers that you’ve most likely seen before. You may want to think twice before posting about getting 1000/1000 and finishing the exam in 15 minutes. 🙂

The last bit about using forensic analysis to monitor testing center results as well as individual test administrators will hopefully crack down on leaked exams.

Gregory’s article mentions test takers who take the exam in order to harvest questions. That may be effective, but I have to imagine that slipping some cash to a testing center administrator would be a more effective way of stealing exam questions. There are cameras all over the testing center. How hard would it be for a person working at a testing center to simply copy questions by reading a test taker’s screen? It would be interesting to introduce variations on questions in certain test center’s exams only and see if those questions appear on brain dumps.

Anyhoo…hopefully this will start to cut down on the number of exam cheaters and bring a little bit of the former prestige associated with the CCxA and CCxP certifications. I also hope that this will mean that the tests themselves will concentrate more on core topics and less on out of left field questions meant to make the exams more difficult.

July 23, 2008

If you haven’t been following the story of the San Francisco network engineer, here’s the backstory: a CCIE working for the city of San Francisco set up the FiberWAN network with himself as the only person who had access to the network equipment. After a dust-up with his boss, he refused to disclose the password to access the FiberWAN routers. Even though he was arrested and facing years in prison, he refused to disclose the password….until the mayor paid him a visit.

After a weeklong standoff with a city employee accused of hacking into San Francisco’s government computer system, Mayor Gavin Newsom gained the suspect’s password after a rare jailhouse visit, according to authorities.

Newsom apparently made a secret jailhouse visit to Terry Childs, 43, who is charged with hacking the city’s computer system and creating a secret password that gave him virtually exclusive access to most of the city’s municipal data.

While in jail and held on $5 million bail, Childs initially refused to reveal the password that would give full access to the network back to city employees, city officials said. But that changed when Newsom agreed to meet Childs on Monday.

The mayor “figured it was worth a shot, because although Childs is not a Boy Scout, he’s not Al Capone either,” Newsom spokesman Nathan Ballard told the San Francisco Chronicle.

The meeting was apparently arranged without the district attorney’s knowledge. Several calls to the DA’s office were not returned.

Childs, an employee of the city’s Department of Technology, pleaded not guilty in court last week to four counts of computer network tampering.

Note: This is part 2 (actually part 3) of my long, rambling review of the Internetwork Expert Mock Lab Workshop in Reno. See here and here for the other posts.

I ventured down to the training room around 7:30 am and found a handful of people seated there. I asked if this was the Mock Lab Workshop and was told that it was. It turns out that Internetwork Expert was running a 12-day boot camp which is a the 5-day boot camp plus weekend sessions plus the Mock Lab Workshop. That explained the “Routing and Switching Boot Camp” sign in the hall.

I got settled in and tested the wireless connection. I had installed Ubuntu on my laptop during a layover on my outbound flight (my XP CD was too scratched to work) and had not been able to verify the wireless. I’m happy to say that the Hardy Heron worked fine sans wires. It’s a good thing too, because my backup laptop had an old B radio card in it. I don’t think that anyone would appreciate me dropping the connection to 11Mbps. 🙂

The room was catered with fruit, juice, coffee, and pastries each morning. After lunch the breakfast items were removed and a selection of sodas were made available. For those who need their energy drink fix, there is a gift shop on the main floor of the hotel which stocks Red Bull and Rockstar (yuck).

Soon enough Brian Dennis and Petr Lapukhov joined us and the class was underway. One of my classmates pointed them out and said “There’s Brian Dennis.” I had heard his voice (over and over again) on the IECODs so it was interesting to put a face to that voice. I was very surprised at how young he was. Then I figured out that I was looking at Petr and not Brian. 🙂

There were about 20 people in the class. All but a handful of them (like myself) had been there for the previous seven days. As I stated earlier, we had a virtual United Nations going in the class. There were students from many different countries. We did brief introductions (name, experience, and lab date). Most of the students had scheduled the lab within the next 1.5 months with about 5 of them going within a week.

The format of the workshop is lecture in the morning (starting around 8 am and ending around 11 am) followed by a mock lab each day except for Friday. Monday’s lecture was about the class structure and (mostly) about lab strategies. If you’ve completed the IECOD or viewed the free COD on lab strategies, then you will have already seen a lot of what was presented. To my surprise there was a lot of new (to me) information presented. Here are a few of the things mentioned (these may or may not be verbatim):

What you can take into the lab is generally up to the proctor’s dicretion. Officially you cannot bring in anything.

The lab is in a binder with about 15 – 20 pages with plastic covers on each page. You can pull the pages out of the binder. Do that. Put them back at the end of the day. Do NOT take the pages out of the plastic cover.

The old version of the lab was on red paper with black ink (difficult to copy).

Most redistribution will take 30 minutes. Do a workaround and come back to it.

The Brussels lab location is incorrect on Google maps. Don’t stay at the Cisco recommended hotel in Brussels as you cannot walk to the lab center and driving there is difficult.

Make sure to put a slash on the end of univercd (/) or the web filter will filter.

The telnet client is SecureCRT running version 4 (or something close to it). No menus. No tabs. You can change the colors. You can change the keyboard mapping. Brian mapped the ~ key to perform copy and paste. Set your scrollback buffer to max (9999 lines). You can use access server or open a unique window to each device. IE recommends to practice labs with the lab restrictions for the last two weeks so you are used to them when you get to the real lab.

Draw your own diagram. IE says that you will get a routing protocol diagram in the lab.

The goal is to try to finish 2 hours early and then use the remaining 2 hours for verification.

There is quite a bit of grading by script in the Routing and Switching lab.

BGP is usually mentioned at the end of the discussions by Cisco, so it’s likely at the end of the test.

You don’t need to build scripts if you are running short on time. Just ping some sample routes.

When you’re done with “full reachability” you should have around 40 points.

Save your configurations after each task.

You want to score 95% of the Frame Relay, IGP, and Ethernet sections in order to pass the lab.

As I mentioned earlier, you will receive $40 worth of meal vouchers for each day of your training. These vouchers are good anything (booze included) at a number of restaurants in the resort. There is a buffet, bistro, sport bar, hamburger joint, sandwich shop, and others in the resort. IE also had a Starbucks gift card available for anyone to use to get free coffee at Starbucks (also in the hotel). You’re not going to go hungry. 🙂 Do keep in mind that the vouchers do not include gratuity, so bring some cash to tip the waitstaff.

After lunch, we started the first mock lab. I had done this lab months ago and scored an 89 on it. It was a difficulty level 6 lab and did not have a lot of interlocking questions – or so I thought. I was given the opportunity to substitute a different lab for this one since I had already taken it. I decided to do the lab because of the breakdown lecture and because I was coming into the workshop with very little time on the CLI in the prior month. My moral was at a low point and I needed an “easy victory” to get my spirits up again.

One thing that I’ve learned that surprises me is that I am not memorizing labs. My experience with practice exams is that I quickly memorize the question (and answer) so repeated attempts really don’t do me much good because I tend to remember the answer. This has NOT been the case with practice labs. I was initially worried that repeating labs would be fruitless because I would remember the answers. Not so. Maybe it’s due to the length of the labs or the fact that when I do repeat a lab it’s usually been weeks or months since my previous attempt. I did Mock Lab 1 back in March and have not looked at it since. Keen readers will sense that I’m setting the scene for a poor showing on this lab. 🙂

For the first time, I followed the advice of completing the core task first and then going back to complete the non-core tasks later. This worked out really well. Brian stated in his lecture that there are certain people who have a hard time skipping tasks. I am in that camp. I can skip (most of the time) non-core tasks that I have no clue how to solve, BUT if I think that I know the answer then I will wrestle that sucker until I complete it. This has thrown me off on a couple of timed labs. I eventually finish the task, but lose so much time and momentum that I screw myself over on the rest of the lab. By sticking to core tasks only, I was able to get full reachability in around 3 hours. Of course I would lose that advantage later when I spent about an hour trying to mine the documentation for a 3 point task instead of verifying my configuration. 😦

I finished all of the tasks that I knew how to do with about 1.5 hours left. My false sense of confidence – “this is an easy lab and I’ve seen it once before” – plus my mental exhaustion lead me to skip the verification stage and try to mine points on the tasks that I was unsure on. I’m still hitting the wall about 6 hours into a lab. At that point I had zero fucking interest in going through each task line by line. I do verification after I complete each task so I should be golden right? I think we all know the answer to that question.

The start times of the labs were slightly staggered so once you were done with your lab most people went back to their rooms or went to dinner. Most would reconvene in the conference room later to take advantage of the rack rentals or just the free wifi. The labs were all graded by the start of the next morning’s session. Brian mentioned that the labs are hand-graded by a CCIE in India. That guy really earned his pay during the week. He had to grade up to 20 (there were a couple of students who did not do the mock labs) mock labs a night. Many times my grade report was done by the time I got back from dinner.

I was unable to download a (free) telnet client that worked with Ubuntu. I DID get Putty installed and working, but could not figure out how to cut and paste. I eventually just used the terminal program in Ubuntu. While using this lead to bouts of anger because of the difference in the copy and paste function (I use Tera Term in “real life”) it was good practice as it made me adjust to a different environment.

One other surprising thing: I was not affected by the noise around me. I had brought ear plugs just in case, but I was able to focus on my lab and not get thrown off by the surrounding noise. I will still bring ear plugs to the lab (VoIP phones ringing will most like throw me off) and it should be noted that there was not a lot of noise in the workshop outside of the occasional groan and the constant clicking of keys.

Anyhoo…I’ve droned on long enough. I’ll try to get this review completed by the end of this week. If you’ve been reading these reviews so far, you know that it’s pretty unlikely that I will be able to hold to that schedule. 🙂

July 21, 2008

I haven’t given this a shot yet, but I probably will in the next couple of weeks. IPexpert offers rack rentals (via Proctor Labs). One of the new features that Proctor Labs is touting is the ability to have your IPexpert Workbook Volume 3 labs graded (called Verified Labs). You can check out a couple of videos detailing this feature here. Basically, you will be able to load the initial configurations for a Volume III lab (only labs 1 – 5 presently) then choose to have the lab timed and graded.

This a a very cost effective way for a CCIE candidate to either get a feel for where he is in his preparation or for a candidate using one vendor’s mock labs to get a feel for a different topology and style of questions. I fall into the second category and will definitely give this a try.

NOTE: These videos make reference to another new feature that will allow you to Save and Load configurations for IPexpert labs. This feature is not yet live, but will be very soon! (You can see it in action in the longer video above.)

It might be worth shooting off an email to Proctor Labs to make sure that you will be able to load the initial configurations prior to booking this.

***Updated 21 July***

I sent an email to Proctor Labs to get clarification about ability to load and save configurations. They got back to me very quickly (in a minute – seriously):

Currently the saving and loading of configurations is available for the R&S pods only; which you are an R&S candidate correct?

This means that you can use the free Volume III lab 1 as a graded mock lab for just the cost of a rack rental.

While on Proctor Labs’ site I saw that they offer a workbook of 5 mock labs for $199. I asked if these are the first five labs of the Volume III workbook (those are the ones that are currently compatible with Verified Labs grading) and the answer is “yes” “no”:

***Updated 21 July***

Oops! I misread this response to mean that the CCIE Routing and Switching Lab Preparation eBook contained the first 5 labs of Volume III:

The gradable labs are the first 5 labs in the IPexpert R&S volume 3 workbook. I do believe we also offer packages that include just the gradable labs with rack time included; if you’d like details on pricing of either products, I would be more than happy to forward your inquires onto our sales department.

IPexpert contacted me to clear this up:

The Proctor Labs eBook is a TOTALLY different group of labs than the first 5 in Workbook Volume 3. These labs were made exclusively for Proctor Labs and released last September. Just an extra 5 full mock lab scenario’s people could use and we marketed directly on the Proctor Labs website. These are not gradable either…

The gradable labs (which you could buy as a bundle) is the first 5 in Volume 3 of the R&S workbook (which consists of 10 full labs, the other 5 labs should be gradable sometime). You could purchase 5 vRack sessions along with the first 5 of Volume 3 for $500 (or the whole BLS for $999.)

Hopefully this clarifies things a bit — Don’t wanna get people too confused!!!

Sorry for the confusion. Disregard the following:

So you can get 5 graded mock labs for $374 ($199 + $175 (5 rack sessions at $35 each)). That works out to $74.80 per mock lab. PLUS you might be able to get this even cheaper by contacting Proctor Labs’ sales department and inquiring about a bundle.

I think I have it clear now. You can use the free lab 1 with a rack session for $35. You can purchase the 5 gradable labs with rack time for $500. That works out to $100 per mock lab.

Thank you to Glenn and Mike at IPexpert for responding in an insanely quick manner.

Reader ahenning left a comment confirming the $35 mock lab as well as a review of his experience:

I did this mock lab just a few days ago. At the price its a give away. It is quite a hard lab. On a scale of 1 to 10 I would give it a 8. What is great about the grading is that they actually show you the output of the verification on your devices. I had two questions that worked when I verfied them but did not when the script did. Normally I would argue the point, but because of the output, I had to think a bit. One changed because I rebooted the device and the multicast failed when the script checked because I made a change to the unicast table right at the end. So in short, the grading was correct, if it wasnt for the output I would probably have said that the script needs more work.

Im not sure how long the sample will run, but anyone within a few months of a lab date will be silly to not take advantage of it. It is basicly a free mock lab thrown in with a rack rental. Hopefully we will see more of this.